Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.3

    HIGH
    CVE-2002-2233

    Directory traversal vulnerability in Enceladus Server Suite 3.9 allows remote attackers to list arbitrary directories and possibly cause a denial of service via "@" (at) characters in a CD (CWD) command, such as (1) "@/....\", (2) "@@@/..c:\", or (3) "@/.... Read more

    Affected Products : enceladus_server_suite
    • EPSS Score: %0.17
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1751

    csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.... Read more

    Affected Products : cslivesupport
    • EPSS Score: %0.38
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.3

    MEDIUM
    CVE-2002-2341

    Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL.... Read more

    Affected Products : soho3
    • EPSS Score: %0.51
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1987

    Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read arbitrary files via a "\.." (backslash dot dot).... Read more

    Affected Products : resin
    • EPSS Score: %0.23
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2200

    Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein (1) entete.php, (2) enteteacceuil.php, (3) index.php, or (4) newtopic.php.... Read more

    Affected Products : dobermann_forum
    • EPSS Score: %3.35
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2237

    tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux.... Read more

    Affected Products : tftp_server
    • EPSS Score: %0.78
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2069

    PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.... Read more

    Affected Products : personal_privacy
    • EPSS Score: %0.70
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2241

    Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3.5.15 allows remote attackers to cause a denial of service (crash) via a long HTTP OPTIONS request.... Read more

    Affected Products : visnetic_website
    • EPSS Score: %0.54
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2287

    PHP remote file inclusion vulnerability in quick_reply.php for phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0 allows remote attackers to execute arbitrary PHP code via the phpbb_root_path parameter.... Read more

    Affected Products : advanced_quick_reply_hack
    • EPSS Score: %0.34
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.8

    HIGH
    CVE-2002-2354

    Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests.... Read more

    Affected Products : fm114p
    • EPSS Score: %0.98
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2323

    Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions.... Read more

    Affected Products : solaris_pc_netlink
    • EPSS Score: %0.11
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-1850

    mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a denial of service (hang and memory consumption) by causing a CGI script to send a large amount of data to stderr, which results in a read/write deadlock betwee... Read more

    Affected Products : http_server
    • EPSS Score: %2.40
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-1827

    Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.... Read more

    Affected Products : sendmail
    • EPSS Score: %0.41
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2013

    Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.... Read more

    Affected Products : mozilla navigator communicator
    • EPSS Score: %0.48
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-1747

    Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB.... Read more

    Affected Products : vtun
    • EPSS Score: %0.34
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 2.1

    LOW
    CVE-2002-2412

    Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.... Read more

    Affected Products : winamp
    • EPSS Score: %0.13
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 5.0

    MEDIUM
    CVE-2002-2349

    phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.... Read more

    Affected Products : phpbbmod
    • EPSS Score: %1.09
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 4.0

    MEDIUM
    CVE-2002-2175

    phpSquidPass before 0.2 uses an incomplete regular expression to find a matching username in its database, which allows remote authenticated attackers to effectively delete other usernames via a short username that matches the end of the targeted username... Read more

    Affected Products : phpsquidpass
    • EPSS Score: %0.18
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 7.5

    HIGH
    CVE-2002-2168

    SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including function_describe_item1.inc.php.... Read more

    Affected Products : 123tkshop
    • EPSS Score: %1.04
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025

  • 10.0

    HIGH
    CVE-2002-2152

    The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected.... Read more

    Affected Products : 602pro_lan_suite
    • EPSS Score: %1.10
    • Published: Dec. 31, 2002
    • Modified: Apr. 03, 2025
Showing 20 of 291634 Results